NAXSI means Nginx Anti XSS & SQL Injection.

The nginx nasxi module, by default, reads a small subset of simple (and
readable) rules containing 99% of known patterns involved in website
vulnerabilities. For example, <, | or drop are not supposed to be part of a URI.

Being very simple, those patterns may match legitimate queries, it is the
Naxsi's administrator duty to add specific rules that will whitelist legitimate
behaviours. The administrator can either add whitelists manually by analyzing
nginx's error log, or (recommended) start the project with an intensive
auto-learning phase that will automatically generate whitelisting rules
regarding a website's behaviour.

In short, Naxsi behaves like a DROP-by-default firewall, the only task is to add
required ACCEPT rules for the target website to work properly.
